CWE-401 - Missing release of memory after effective lifetime

Description

The weakness causes crash of software applied for following and removing of unnecessary information from allocated memory after using. Gradually all undeleted data devour leftover memory. Such problems are often provoked by distorted information or suddenly interrupted session.
Usually memory leak is connected with software security. But because of memory shortage attacker can easily perform denial of service attack and gain control over any of other programs.
The weakness is introduced during Architecture and Design, Implementation stages.

Latest vulnerabilities for CWE-401

Multiple vulnerabilities in laszip 2024-04-18
High Yes

Multiple vulnerabilities in Oracle Linux 2024-04-17
High Yes

Multiple vulnerabilities in IBM Sterling Order Management 2024-04-16
High Yes

Multiple vulnerabilities in Juniper Networks Junos cRPD 2024-04-15
High Yes

Multiple vulnerabilities in Juniper Cloud Native Router 2024-04-15
High Yes

Missing release of memory after effective lifetime in Juniper Junos OS 2024-04-11
Medium Yes

Information disclosure in Linux kernel accel driver 2024-04-09
Low Yes

Memory leak in Kerberos 5 2024-04-09
Medium No

Denial of service in Kerberos 5 2024-04-09
Medium Yes

Local denial of service in Linux kernel i2c driver 2024-04-08
Low Yes

References

Description of CWE-401 on Mitre website